Penetration Testing mailing list archives

Re: tunneling through hotspot firewall


From: Daniel Gultsch <daniel () gultsch de>
Date: Fri, 24 Apr 2009 20:49:18 +0200

On Fri, 24 Apr 2009 11:41:30 -0430
Aarón Mizrachi <unmanarc () gmail com> wrote:
> It could work... but some wireless hotspots block UDP traffic and
> only allow 80 and 443 TCP... With TCP, the clone computer will emit
> an ICMP or RST closing your connection.

Well yeah, given the fact that the firewall blocks nothing but maybe
some IRC or gaming ports.

> There is a well-known method called DNS tunneling:

I'm aware of this. But thanks anyway.

> Approx. 90% (or more) of hotspots let you resolve directly any DNS
> address without any logon or MAC address verification.

Yep, I can confirm this. Btw, I have a success rate of 100%, but I tested
only a handful.

> The best method to protect your wireless AP is using a VPN... but
> it's VERY nasty to implement...

Yes, because you kinda have to force the user to install a VPN client.
Esp. among Windows users this is not very common.

- daniel
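
For hotspot operators, the pre-login DNS resolution discussed above can be monitored on the resolver. The following is an added example, not part of the original message: the log format, thresholds, addresses and domain names are all constructed assumptions. It flags clients that have not yet passed the portal but send many distinct long, high-entropy names under one zone.

```python
import math
from collections import defaultdict

# Constructed sample log (not from the thread): client IP, portal state, query name.
SAMPLE_LOG = """\
10.0.0.21 unauth www.example.com
10.0.0.21 unauth portal.hotspot.example
10.0.0.29 unauth a1b2c3d4e5f6g7h8i9j0k1l2m3n4.cdn.example
10.0.0.37 unauth mfzwizltoq2dgnjqgezdgnbvgy3tqojq.t.tunnel.example
10.0.0.37 unauth nb2hi4dthixs6z3pn5twyzjomnxw2lzq.t.tunnel.example
10.0.0.37 unauth orugk4tfebuxgidbebzwky3sm52ca2lo.t.tunnel.example
10.0.0.37 unauth onswg4tfoqqhgzlsozsxeidpnyqhi2dj.t.tunnel.example
10.0.0.44 auth mfzwizltoq2dgnjqgezdgnbvgy3tqojq.t.tunnel.example
"""

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def parent_domain(qname):
    # Naive assumption: the zone is the last two labels; real use needs the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def suspicious_clients(log, min_unique=4, min_label_len=24, min_entropy=3.5):
    """Return (client, zone) pairs where a not-yet-authenticated client sent
    many distinct long, high-entropy names under a single zone."""
    seen = defaultdict(set)
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1] != "unauth":
            continue  # malformed line, or client already passed the portal
        client, _, qname = parts
        labels = qname.rstrip(".").lower().split(".")
        longest = max(labels[:-2], key=len, default="")
        if len(longest) >= min_label_len and entropy(longest) >= min_entropy:
            seen[(client, parent_domain(qname))].add(qname.lower())
    return sorted(key for key, names in seen.items() if len(names) >= min_unique)

if __name__ == "__main__":
    for client, zone in suspicious_clients(SAMPLE_LOG):
        print(f"{client}: possible DNS tunnel via {zone}")
```

The single long CDN-style name from 10.0.0.29 stays below the unique-name threshold, which is what keeps ordinary hashed hostnames from raising alerts.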
